The following Fedora 18 Security updates need testing: Age URL 240 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 87 https://admin.fedoraproject.org/updates/FEDORA-2013-17195/spice-gtk-0.18-3.fc18 81 https://admin.fedoraproject.org/updates/FEDORA-2013-17635/wireshark-1.10.2-4.fc18 79 https://admin.fedoraproject.org/updates/FEDORA-2013-17853/davfs2-1.4.7-3.fc18 23 https://admin.fedoraproject.org/updates/FEDORA-2013-21875/389-ds-base-1.3.0.9-1.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-22949/net-snmp-5.7.2-7.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-23068/rubygem-i18n-0.6.0-2.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-23122/firefox-26.0-2.fc18,xulrunner-26.0-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-23140/python-setuptools-0.6.49-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-23215/php-5.4.23-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-23291/thunderbird-24.2.0-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-23299/libreswan-3.7-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23378/openttd-1.3.3-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23401/v8-3.14.5.10-3.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23479/nss-util-3.15.3-1.fc18,nss-3.15.3-1.fc18,nss-softokn-3.15.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23466/xen-4.2.3-12.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 310 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-22918/opus-1.1-1.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-22917/colord-1.0.5-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-23122/firefox-26.0-2.fc18,xulrunner-26.0-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-23140/python-setuptools-0.6.49-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-23224/openssh-6.1p1-11.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-23291/thunderbird-24.2.0-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-23312/dracut-029-1.fc18.3 3 https://admin.fedoraproject.org/updates/FEDORA-2013-23306/abrt-2.1.10-1.fc18,libreport-2.1.10-1.fc18,satyr-0.12-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-23297/libfm-1.1.4-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23381/cryptsetup-1.6.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-23479/nss-util-3.15.3-1.fc18,nss-3.15.3-1.fc18,nss-softokn-3.15.3-1.fc18 The following builds have been pushed to Fedora 18 updates-testing armadillo-3.930.1-1.fc18 bcfg2-1.3.3-3.fc18 chmsee-2.0.2-5.git86d101c9.fc18 eclipse-4.2.2-8.fc18 ez-ipupdate-3.0.11-0.29.b8.fc18 nss-3.15.3-1.fc18 nss-softokn-3.15.3-1.fc18 nss-util-3.15.3-1.fc18 qterminal-0.4.0-5.fc18 thunderbird-lightning-2.6.4-7.fc18 vcsh-1.20131214-1.fc18 xen-4.2.3-12.fc18 Details about builds: ================================================================================ armadillo-3.930.1-1.fc18 (FEDORA-2013-23455) Fast C++ matrix library with interfaces to LAPACK and ATLAS -------------------------------------------------------------------------------- Update Information: Latest stable release, the main changes are: * added divide-and-conquer variant of svd_econ(), for faster SVD * added divide-and-conquer variant of pinv(), for faster pseudo-inverse * added element-wise variants of min() and max() * added size() based specifications of submatrix view sizes * added randi() for generating matrices with random integer values * added inplace_trans() for memory efficient in-place transposes (contributed by Alexandre Drouin) * added more intuitive specification of sort direction in sort() and sort_index() * added more intuitive specification of method in det(), .i(), inv() and solve() * added more precise timer for the wall_clock class when using C++11 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2013 José Matos <jamatos@xxxxxxxxxxxxxxxxx> - 3.930.1-1 - update to 3.930.1 - update the name of the documentation paper from 2013 to 2014 -------------------------------------------------------------------------------- ================================================================================ bcfg2-1.3.3-3.fc18 (FEDORA-2013-23473) A configuration management system -------------------------------------------------------------------------------- Update Information: Fixes bz #1043229 This update includes the new upstream 1.3.3 release and the work to reconcile the upstream specfile with the Fedora specfile. The new specfile includes the 'settings.py' module bugfix (commit 7895f095 from July). This update includes the new upstream 1.3.3 release and the work to reconcile the upstream specfile with the Fedora specfile. The new specfile includes the 'settings.py' module bugfix (commit 7895f095 from July). This update includes the new upstream 1.3.3 release and the work to reconcile the upstream specfile with the Fedora specfile. The new specfile includes the 'settings.py' module bugfix (commit 7895f095 from July). Disable server-cherrypy package build to make Fedora buildsys happy This update includes the new upstream 1.3.3 release and the work to reconcile the upstream specfile with the Fedora specfile. The new specfile includes the 'settings.py' module bugfix (commit 7895f095 from July). Update for el5 branch: - Upstream 1.3.3 release - Including the new specfile reconciled with upstream's. This package's reporting system is known to break, but the reporter lost interest before the problem was resolved. If others are still running the bcfg2 reporting or server on el5, I'll gladly work with them to resolve any packaging problems. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 15 2013 John Morris <john@xxxxxxxxxxx> - 1.3.3-3 - Remove unneeded Django dep in 'web' package, bz #1043229 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1043229 - web package has broken Django dep for el5 https://bugzilla.redhat.com/show_bug.cgi?id=1043229 [ 2 ] Bug #1003882 - Bcfg2-server requires bcfg2-web https://bugzilla.redhat.com/show_bug.cgi?id=1003882 -------------------------------------------------------------------------------- ================================================================================ chmsee-2.0.2-5.git86d101c9.fc18 (FEDORA-2013-23459) HTML Help viewer for Unix/Linux -------------------------------------------------------------------------------- Update Information: rebuild for xulrunner 26 -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 9 2013 Yijun Yuan <bbbush.yuan@xxxxxxxxx> - 2.0.2-5.git86d101c9 - rebuild for xulrunner 26 -------------------------------------------------------------------------------- ================================================================================ eclipse-4.2.2-8.fc18 (FEDORA-2013-23462) An open, extensible IDE -------------------------------------------------------------------------------- Update Information: Rebuild to pick up latest dependencies. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 16 2013 Alexander Kurtakov <akurtako@xxxxxxxxxx> 1:4.2.2-8 - Rebuild to pick latest deps. -------------------------------------------------------------------------------- ================================================================================ ez-ipupdate-3.0.11-0.29.b8.fc18 (FEDORA-2013-23477) Client for Dynamic DNS Services -------------------------------------------------------------------------------- Update Information: Fix failure on start due to missing /run directory, and other issues. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 13 2013 Alexander Boström <abo@xxxxxxxxxxxxxxxx> - 3.0.11-0.29.b8 - Improve systemd unit file and fix broken tmpfiles handling. - Pull patches from openSUSE and Debian and fix error handling. - General tidying up. * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.11-0.28.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.11-0.27.b8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #833595 - ez-ipupdate missing tmpfiles.d config for PIDs https://bugzilla.redhat.com/show_bug.cgi?id=833595 [ 2 ] Bug #850103 - Introduce new systemd-rpm macros in ez-ipupdate spec file https://bugzilla.redhat.com/show_bug.cgi?id=850103 [ 3 ] Bug #656583 - Please Update Spec File to use %ghost on files in /var/run and /var/lock https://bugzilla.redhat.com/show_bug.cgi?id=656583 [ 4 ] Bug #993746 - ez-ipupdate possibly affected by F-20 unversioned docdir change https://bugzilla.redhat.com/show_bug.cgi?id=993746 [ 5 ] Bug #992239 - ez-ipupdate: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=992239 [ 6 ] Bug #912430 - Shutdown timeout when killing ez-ipupdate https://bugzilla.redhat.com/show_bug.cgi?id=912430 [ 7 ] Bug #892215 - Update to ez-ipupdate systemd unit file to use multiple instances https://bugzilla.redhat.com/show_bug.cgi?id=892215 -------------------------------------------------------------------------------- ================================================================================ nss-3.15.3-1.fc18 (FEDORA-2013-23479) Network Security Services -------------------------------------------------------------------------------- Update Information: This update rebases the nss, nss-util, and nss-softokn packages to nss-3.15.3 and nspr to nspr-4.10.2 in order to address security-relevant bugs that have been resolved in NSS 3.15.3. For further details please refer to the upstream release notes at https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.3_release_notes For best results you should upgrade all packages at once including any devel packages. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 9 2013 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.15.3-1 - Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Remove unused patches -------------------------------------------------------------------------------- References: [ 1 ] Bug #1030807 - CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103) https://bugzilla.redhat.com/show_bug.cgi?id=1030807 -------------------------------------------------------------------------------- ================================================================================ nss-softokn-3.15.3-1.fc18 (FEDORA-2013-23479) Network Security Services Softoken Module -------------------------------------------------------------------------------- Update Information: This update rebases the nss, nss-util, and nss-softokn packages to nss-3.15.3 and nspr to nspr-4.10.2 in order to address security-relevant bugs that have been resolved in NSS 3.15.3. For further details please refer to the upstream release notes at https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.3_release_notes For best results you should upgrade all packages at once including any devel packages. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 1 2013 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.15.2-3 - Update to NSS_3_15_3_RTM - Related: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1030807 - CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103) https://bugzilla.redhat.com/show_bug.cgi?id=1030807 -------------------------------------------------------------------------------- ================================================================================ nss-util-3.15.3-1.fc18 (FEDORA-2013-23479) Network Security Services Utilities Library -------------------------------------------------------------------------------- Update Information: This update rebases the nss, nss-util, and nss-softokn packages to nss-3.15.3 and nspr to nspr-4.10.2 in order to address security-relevant bugs that have been resolved in NSS 3.15.3. For further details please refer to the upstream release notes at https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.3_release_notes For best results you should upgrade all packages at once including any devel packages. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 1 2013 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.15.3-1 - Update to NSS_3_15_3_RTM - Related: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1030807 - CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103) https://bugzilla.redhat.com/show_bug.cgi?id=1030807 -------------------------------------------------------------------------------- ================================================================================ qterminal-0.4.0-5.fc18 (FEDORA-2013-23472) Advanced terminal emulator -------------------------------------------------------------------------------- Update Information: Release bump. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 19 2013 TI_Eugene <ti.eugene@xxxxxxxxx> - 0.4.0-5 - Next git snapshot - Changelog dates (year) fixed * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue May 7 2013 TI_Eugene <ti.eugene@xxxxxxxxx> - 0.4.0-3 - Source URL update - second desktop validate added * Mon May 6 2013 TI_Eugene <ti.eugene@xxxxxxxxx> - 0.4.0-2 - Source URL update * Mon May 6 2013 TI_Eugene <ti.eugene@xxxxxxxxx> - 0.4.0-1 - initial packaging for Fedora -------------------------------------------------------------------------------- ================================================================================ thunderbird-lightning-2.6.4-7.fc18 (FEDORA-2013-23469) The calendar extension to Thunderbird -------------------------------------------------------------------------------- Update Information: Update to 2.6.4 for TB 24.2.0. -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 14 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.4-7 - Sync thunderbird-mozoptions from thunderbird package * Wed Dec 11 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.4-6 - Update to 2.6.4 - Drop caldav patch - Exclude cs locale for now - doesn't build * Wed Nov 27 2013 Jan Horak <jhorak@xxxxxxxxxx> - 2.6.2-5 - Enable arm arch * Sun Nov 24 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.2-4 - Use lightning 2.6.2 source * Mon Nov 4 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.6.2-3 - Add upstream patch to fix caldav sync -------------------------------------------------------------------------------- ================================================================================ vcsh-1.20131214-1.fc18 (FEDORA-2013-23475) Version Control System for $HOME -------------------------------------------------------------------------------- Update Information: Bumped version to 1.20131214 -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 15 2013 Dridi Boukelmoune <dridi.boukelmoune@xxxxxxxxx> - 1.20131214-1 - Bumped version to 1.20131214 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1043255 - vcsh-1.20131214-1-bpo70+1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1043255 -------------------------------------------------------------------------------- ================================================================================ xen-4.2.3-12.fc18 (FEDORA-2013-23466) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: IOMMU TLB flushing may be inadvertently suppressed -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.3-12 - IOMMU TLB flushing may be inadvertently suppressed [XSA-80, CVE-2013-6400] (#1040024) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035811 - CVE-2013-6400 xen: IOMMU TLB flushing may be inadvertently suppressed https://bugzilla.redhat.com/show_bug.cgi?id=1035811 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test